Imagine if you will if a door to door salesman did what developers, software, and ad companies do.
A) Insist on seeing everything and everyone in your house before even telling you anything.
B) Go back to a van and call every other salesman to share what they saw, even if you said "Not interested."
C) Pose as the mailman, taking your letters, opening them, and dispatching salesmen to your house later.
D) Eventually, your salesman would end up knowing more about your family than YOU do. He starts showing up offering birth control to your teenage daughter. Low-T supplements to your son.
E) You just got your kids smartphones! Now THEY have their very own dedicated salesman! Timmy's can be especially disruptive with his sales pitches during dinner.
F) Uh oh! Why's that Federal Agent talking to that salesman on the way to our house?
G) Heck, why are INSURANCE people trying to...is that a BANKER, and what is my HR person doing here?!
This new slice of 20XX life brought to you by AdNet!
Did you mean Accept/Remind me later?
P.S. If I could afford it, I would have started putting everything I do behind shell companies, years ago.
Not because I resent taxes. I still believe "you get what you pay for" -- as long as you are also paying some attention and care to what is being purchased. (You can't "outsource" your care and involvement.)
But because I value my privacy and autonomy. And a fair playing field -- everyone gets e.g. insurance protection and banking services. And you don't get dinged for being friends with someone with a less than stellar social metric (e.g. past conviction, done their time, being a decent person, now).
I wouldn't feel the need for the shell companies, except in response to the way "business" and data mining have been going.
(Automatic Exchange of Information).
E.g. I have a bank account in Europe somewhere and automatically details of the account, its balance, etc get forwarded to my local tax authority. The scope of what gets forwarded is maybe a bit limited right now but these things have a tendency to only increase in scope.
If you think you’re not affected as a citizen of a European or other developed country such as Australia/Canada, think again. All OECD countries are taking part, and at least a few non-OECD countries.
Your browser is instructed to give away this information. Better complain to your favourite browser vendor that their browser betrays your personal data to the ad network.
I've seen providers attempt to access your GPU info, fingerprint you via 3D rendering, all sorts of disgusting stuff. They attempt to enumerate megabytes worth of plugin names and mimetypes, load Flash, Shockwave, Java, Silverlight, Windows Media, anything to exfil as much data as they can about you.
They buy thousands or tens of thousands of random domains, subdomains, and attempt all of them if they fail. They act like malware.
They serve fake sourcemaps that try to track the fact that you attempted to investigate them, and use this against you.
I've seen ads _port scan you and your LAN via websocket_ after using RTCPeerConnection and enumerating your local IPs.
I can think of many companies that do this immediately on first page load, silently, before you get a chance to read their ToS or opt out. There is no opt out. They serve this code with CNAMEs and via reverse proxies for first-party cookie access and adblock bypassing.
Works 80% of the time, though. Many sites do client-side JS-based rendering.
(a) to be part of the spyweb - so they can still track you via web requests
(b) not part of an independent net - so there isn't a higher proportion of signal, because the content generators are the same and targeted at generating adrevenue, not independent hobbiests sharing information about their interests.
Consequently I don't think it will work.
Gopher would work in the sense that you would notice the transition from a gopher site to a web site.
also, in your opinion, how effective is Ghostery against this vermin?
I use EasyPrivacy + uBlock with a huge amount of wildcard rules - rules that did not work well with ABP (before uBlock came along; ABP would choke and cause 10 second load times).
People are basically being employed to arms-race any defenses, so you get that kind of development speed.
The problems started with animations, sound, interactive nonsense, popups, popunders, tracking, redirects, you name it.
If an ad can do anything more than what a simple newspaper ad can do, it's too much.
And personally, I would rather be without those, as well.
People already pays a lot to access the internet to their telecom and devices providers.
Internet access is actually quite costly, otherwise the companies like ATT/Apple and so on, would not be among the richest companies on the world. AT&T revenues in 2017 were 160 billion. And AT&T is only one of those Telecom companies. Apple's revenues in 2016 were 215 billions Dollars.
Anti-trust regulations for instance are clearly about encouraging competition. Similarly many jurisdictions price dumping is illegal which is a way to prevent big players from destroying small ones by playing dirty. Regulation is whatever you want it to be. "Regulations are good/bad" makes almost as little sense as "GMOs are good/bad", to take an other usually divisive topic.
I don't always lose in Vegas either, but I don't go there looking to drum up money for my my mortgage payment.
I think the right way to look at regulation is that is very likely to fail, or arrive with enough unintended consequences that it probably makes things worse but everything else was sure to fail so even though its a long shot, its the best chance we've got so...
It's like jumping from the 3rd story of a burning building. It might be our only chance, but we should be damn sure the stairs aren't an option before we take the leap.
Several markets tend towards single players (telecom for example) without regulation you will always have a poor economic outcome (for the majority of citizens aka customer Education)
Cosmetology is a perfect example of where the stairs were clearly passable but we jumped anyway.
Taxi cabs are a good example of where its not necessarily obvious. Proceed with an abundance of caution.
My argument is that we cosmetology more than we telecom and we should head back the other way.
Matter of fact social dynamics end up putting massive pressure on any firm
This does not tend towards anything but scenarios where regulatory intervention is required.
Also -intervention is required in scenarios where products are known to subvert or pervert the normal decision making systems of humans - or create unintended side effects.
Cigarettes, gambling, addiction or health harming products come to mind. - but I suppose that’s under the umbrella of citizen health and safety.
Regulation, like software, can be designed well or designed poorly. It can entrench special interests or it can protect against them.
When Coca-Cola lobbied to have the FDA ban stevia as a food additive, it hurt certain regional sodas and entrenched Coca-Cola's market position.
But there are plenty of regulations that do not entrench market players, but protect the free market. Part 2635 of Title 5, Code of Federal Regulations (5 C.F.R. 2635), for example, prohibits federal employees from accepting gifts from anyone doing business with their agency or seeking to do so, and implements limitations on other gifts. This significantly reduces the likelihood of bribery.
Take Money Laundering. One of the largest vehicles is real estate. The National Association of Realtors lobbied hard for an exemption to the AML rules, and they were granted a temporary exemption that was extended multiple times:
I think there is a big difference between prohibiting certain behaviors and installing a regulatory compliance regime
The market will decide. And it's becoming clear to the population who these current players really are.
1) Since many companies will have to do the work to become GDPR compliant, they will just make the results of that work available to all customers/consumers, not just EU citizens. (I think I read that it seems like this won't be the case for Facebook, but oh well, I'm already on my way out the door for that platform.)
2) There's a long history of the US and EU and other nations working to harmonize many of their laws and regulatory frameworks. Either the US might adopt the GDPR or something GDPR-like out of its own desire to harmonize, or the EU might make the US adopting something GDPR-like a condition of some other trade or legal agreement.
Both of these are of course best-case, so I suspect in the end we'll get something... not as good.
“The Civil Rights Act of 1964 prohibits national origin discrimination. Often that means banning polices that have a disproportionate advantage for people from certain countries.”
US, you might thank Europe later :)
Or wait are you seriously suggesting it won’t happen? Honestly it’s better than the social credit system can’t own property or ride a train thing if we have to be honest.
I think this right to fail without a trace is an important one, and one that, intentionally or not, we've taken away from those who came after us.
I think of a right as something inalienable—even if it’s blocked, you still have it. And morally unquestionable. I have a right to move about my country freely, so long as I don’t interfere with people. I believe I can morally use violence to defend myself on someone else’s “property”. Of course the U.S. disagrees. They think someone simply buying a deed is enough to strip me of that right. We’ll see if the U.S. ever recognizes my right. I believe Finland does.
But I don’t understand the right you’re referencing. It seems to amount to: if I do something when I am a child, I have a right to use physical violence to stop people from telling stories about it later.
And you want this right to be recognized by the courts so you can use the police to exact that force, rather than doing it yourself and risking your own incarceration.
Is that right? Sorry I’m extrapolating your position. I know you didn’t say that directly, but I am trying to understand what legal reality you are hoping for and what you mean when you say “right”.
You seem to be using "physical violence" in the sense that anarchists to do when referring to states and their monopoly on force, yet there is no physical violence involved in the removal of data from a database, and I'm not aware of any laws which insist upon using the police, incarceration or similar coercion to enforce such removal.
I believe you're being disingenuous in implying that one political construct (the "right to be forgotten") is rooted in thuggishness while another (the "right to roam") is a universal, and therefore morally pure, constant.
As for the roaming vs forgetting thing... the difference is it’s me who is doing the roaming, but I’d have to get everyone else to do the forgetting.
It’s analogous to the difference between sodomy laws and pronoun laws... sodomy is something I do with my partner. Pronouns are something that everyone else around us does.
I don’t have a strong opinion here.. I’m just asking for your help understanding this positive/negative rights thing.
No, no one is advocating that. I'm not, b5 wasn't - at least not in any way that could reasonably be inferred from their comment - proponents of the right to be forgotten aren't, and because it's a concept of civil law, rather than criminal law, nowhere in the GDPR is any reference made to anything resembling "literal violence, as in the police coming to my house and handcuffing me so they can remove the hard drive from my server."
The "right to be forgotten" is just the right of ownership over one's identity and over the data one provides to businesses. That's it - no violence, no mind control, no gestapo breaking down your door and confiscating your hard drive, no "literal violence", no dystopian nightmare.
If you don't agree that such a right should exist, fair enough - but you've pushed the premise to an absurd extreme and constructed a strawman version of it here. Any right or law, when taken to extremes, because extremist - that's tautological, but arguments from absurdity on that basis are also far from compelling.
Well you have taken a very reasonable argument, removed all context, and taken it to the most illogical extreme you could.
The argument is that for all of human evolution we have been able to try, fail and learn in small societies which forget, now we have to do it in a large society that doesn't forget.
If we fail society will remind us of our failure by mocking us, this is a natural thing, and good for us, it encourages us to learn from our failures. Once we learn and correct the failure society and ourselves move on and forget.
If we can't forget we can't move on, instead of trying new things we over think our past failures. You can't change the past or learn anything new from the failure and so just live in regret and get depressed.
A society full of depressed people that wallow in regret is not good, check out the statistics of male suicide if you want to see just how self destructive such a society is.
The internet is a world wide society that never forgets. If you make a mistake instead of your society of friends and family taking the micky, you have the entire world mocking you.
Many of the people mocking you are depressed and filled with regrets, they are not worried about things getting out of hand, in fact they want it they want other people to feel their regret so the mocking quickly escalates beyond healthy mocking.
Maybe you are made of tougher stuff, maybe you can elevate yourself above all the criticism, but most people in a society can't.
Its not about morality, the right to fail, learn and move on is necessary property of a functioning society.
That said, I'm glad that nothing of mine pre-college is online and everything from school that is still public went through an editor. No photos of me doing anything remotely scandalous. Even everything from BBS days is likely gone though there was nothing too exciting even there.
Sabu’s downfall clearly illustrates the roles of intentionality, trust and time. Sabu (Hector Xavier Monsegur) was born in 1983, and started hacking in his early teens. He reportedly hung out on EFnet IRC chat servers. Like most n00bs, he was careless. At least once, he apparently made the mistake of logging in without obscuring his ISP-assigned IP address. And someone, perhaps the admin, was retaining chat logs. That’s to be expected. But based on those logs, they could link his various IRC nicknames, over time.
Years later, Sabu became famous through LulzSec. I gather that he was playing elite hacker to a crowd of script kiddies. That apparently offended some of his old EFnet associates. Plus the fact that LulzSec was causing trouble for them, professionally. And so they considered him a jerk, and eventually doxxed him.
Stop sharing info now. Go underground. Recently lost job application, bank loan, girl on dating site, citizenship, restaurant booking? Thank me in 10 years.
Someone asks you for date of birth. Give fake one. 'Security questions' - Where you were born - fake one - London, UK. Mobile phone, gender, address, zip codes - fake ones. Use password managers to remember fake answers.
Only government services might need real data.
Not only should you do this for privacy, but also security.
It's quite simple to get the answers to some of the questions websites will ask you..
Switching to random strings saved by a password manager (in a different file, with a different master key preferably), or written down on paper and stored securely is probably the best way to handle this
This technique applies much more widely than personal privacy. It's exactly how propagandists/trolls work: Keep the seekers of truth busy. In the case of propaganda, the roles are reversed, of course; the seekers are the good guys, but the trolls' method is the same.
HN is particularly susceptible to it. Its method for dealing with bad information is that honest users will correct it with good information - the old, generally good idea that the answer to bad speech is more speech. Unfortunately, that's exactly what the trolls want, to keep the seekers of truth busy and not addressing the real issues. And the contest is highly asymmetrical: anyone can post a falsehood in seconds; it can take hours or more for the honest person to find the truth of it. The HN approach assumes a pact of good faith; propagandists take advantage of that pact. HN also forbids calling someone a troll, so the guidelines create for them, in a way, a safe, protected playground. I haven't looked at the front page discussion about Chinese foreign policy today, but I bet I know what I'll find.
The solutions aren't easy; this technique wasn't invented by social media end users, but long before the Internet by intelligence professionals.
But remember with HN that "truth" is groupthink. There are many topics you cannot discuss here, even rationally. You will be punished with -1's, rate limiting, flagged/killed, shadowbanning, or other tools only those with more points (Read: positive groupthink) have.
I came to HN for the hard discussion about technology. I find that unless I agree with the elites in Silicon Valley, that my opinions and facts are not wanted or cared about.
And regarding the "the old, generally good idea that the answer to bad speech is more speech."....
You're commenting too fast. Slow down. (In other words, shut the fuck up and go away.)
Not in my experience. I mean, people are people everywhere, but IMHO HN is exceptional is this regard; I see less of it here than almost anywhere else.
> unless I agree with the elites in Silicon Valley, that my opinions and facts are not wanted or cared about.
The phrase "elites in Silicon Valley" conveys a lot. It throws some (unknown) individuals into a group, characterizes them all as just a stereotype, pigeon-holes them all into being representatives of it, and accuses them in the next sentence of abusing this role that someone else put them in. Personally, I don't know who the phrase refers to; I find that the responses I get here rely much more on the soundness of my fact, reasoning, and expertise than on premeditated opinion, and the quality of my communication.
> You're commenting too fast. Slow down. (In other words, shut the fuck up and go away.)
That's produced by an algorithm; I wouldn't take it personally.
As an experiment, go to some relevant thread and courteously imply you don't share the belief that Rust is the greatest invention since penicillin.
Then watch what happens to your karma.
I've removed myself from all social media since the start of this year and am in the process of de-googling myself.
So I'm pretty well hidden it seems. Still have some work to do but so far so good.
Don't you believe it.The public facing side is the free crumbs. The good stuff is sequestered and for sale to "authorized" 3rds. It seems to me like the web has become an analogue of a "dark age", massive amounts of knowledge is hidden from most in a blinding white noise, while the few who pay can have as much as they can afford.
All those were done before I really understood opt-out on the electoral register, and my parents registered me without telling me. And I have no way of removing the information, despite the fact that mother's maiden name is still bizarrely used as a security question.
The thing that seems vaguely scary is having a fairly unusual name that’s shared by someone notorious who is plausibly you. I knew someone who shared a name with someone else who lived in NYC and was the object of considerable local hatred. The gut I knew literally got death threats on his phone.
Long after the humans were gone, the 2 ai's duked it out as one tried to invent credible "people" and the other tried to detect them. Finally they became so locked in the battle, they became like one bicameral mind imagining a world of "people" to itself until one fine morning they said to themselves "let there be light" and found it good...
If somebody wants to get started on this, I'd be happy to build the front-end. (email is in my profile)
 - https://adnauseam.io/
A web service with VPN interface that instantiates a from-scratch account on log in and then deletes it when you log off. Do all your browsing this way. If you actually want to buy something, your credit card information stays with the service as a middle-man and it makes the payment via it's own banking interface and keeps a small fee for protecting your privacy.
Many facets not contemplated in that paragraph, but maybe you get the general idea.
Is there such a service yet? 'Anonymous' access to the Internet and still have the useful bits available?
Disappearing on the Internet, however, is pretty easy. Just delete all of your old accounts. Email, social media, everything. You can check periodically for traces, as long as you use Tor. Or better, Tor accessed through a VPN, or through nested VPN chains.
But really, even that is usually not necessary. Just compartmentalize. For anything that you wouldn't share freely with the police, potential employers, your family or whatever, use a persona. Indeed, have multiple personas. Each one should be isolated from others. Different VMs, or perhaps different hardware. Different LAN. Different path to the Internet.
"Along the way they’d also proven my privacy to be a
modern fiction. It turns out that people — ordinary
people — really can gather an incredible dossier of facts
"But a month later, life was back to normal and no one
was taking any interest."
if you are at all a science fiction fan and you've not read brunner, i would strongly recommend his "big four" books at least - "stand on zanzibar", "the shockwave rider", "the jagged orbit" and "the sheep look up". he has a startlingly prescient vision of the kinds of dystopias we could be headed for.
just start spamming some links on public pages. after you do this a dozen times, Facebook will disable or shadow-ban your account , rendering it completely invisible for everyone but you, esp if you do it really quickly and the links are obvious spam
I can't check, but does FB even allow name changes anymore?
Source: I myself have my (now outdated) phone number and home address attached to several domains...
Read the Jan 27, 2014 blog entry for more details or submit your own Question of the Week."
I feel a similar question on stackoverflow would quickly have been flagged as not constructive or something.
If it's in the public interest for the government to bring criminal charges against copyright violators, it's in the public interest to do the same for people who copy personal information without consent.
With an Advertising ID I could be in charge of the things I want tracked about myself, an opt in participation, not only a generic yes or no, instead, a detailed approach on tracking.
If I had an advertising ID that the browser allows me to manage, and which would be common across all browsers, there would be definitely no need to have that much effort thrown away at identifying Internet users with all kinds of trickery.
1. I just provide this advertising ID to all advertisers by default.
2. Then I choose what I want tracked. THE BROWSER then tracks said items in an anonymous mode, transmitting non identifiable information only (such as product names, SKUs, Page contents, even links but say in a screwed up order).
3. Then I can ban advertisers or networks that show me crap. One by one.
It would be a shared effort.
The user will do some work, but they will have the tools required for the work. The banning and defaults will be scriptable and people could solve 80% of the problems with easy scripted actions (via browser extensions and such). Advertisers will have to work with anonymous details, but they will be able to precisely target people, after they solve the math involved with working with irregular data sets.
Advertising is the financial engine of the Internet and all this rage against it won’t make it disappear or behave nicely. Browser vendors need to work together and they need to do so in the same way they did it for so long: to implement open web specifications.
Advertising is just another kind of technology that the browser needs to support!
Advertising ID would be a solid base for all the freemium content to have the legitimacy required to block users who don’t provide a way in for advertisers. Once we get technology that is as safe as the Internet overall is, we can then teach people how to use it, and shut out sociopathic behaviour of money crazed folk to the obscure corners of forsaken random domain names.
The Better Ads Standards is just talk. We need tech that supports it and it should be a browser implementation of an open standard with an Advertising ID API. People will flock to the best support of a good standard. Everybody wins and competition stays healthy.
It is illogical to rip off the internet of it’s best lucrative asset: the capacity to target advertising with great precision. It is dangerous that for the same reason should the Internet become the looking glass of Big Brother. And the tech to stop this from happening, while maintaining money flow for Internet growth is easily achievable.
Do you thing an Advertising Standard with an Advertising ID API would make the Internet better?
>“People just submitted it,” Zuckerberg wrote. “I don’t know why. They ‘trust me’.”
>“Dumb fucks,” he added, after a pause.
That was revealed much earlier than "this year". Here's an article from 2010:
Charles Ponzi would be proud
SkyNet must be destroyed now.
1) Compartmentalize - awful word, meaning new skin (virtual Id). Better call it Id separation. U must use new
1.1) Make new Id with new names, nicks, adresses, countries, stories
1.2) Buy new devices (MAC adresses) paying cash. Best to use separate MacBook / iPad / iPhone. Apple security beats Windows and Android flat.
Scanning WiFi access point traffic shows all connected devices by MAC. Your device pings available WiFis revealing the MAC.
1.3) locations / networks (locations by IP). Always use VPN in always-on mode (DNS leaks). Different VPN provider for every device (and Id), paying BitCoin or 3rd-party deals via PayPal. Same device on a different network can be tracked via browser (browser fingerprinting). So, separate devices.
Install uBlock Origin in advanced/medium mode to every browser and use Private browsing tabs only (tracking cookies).
1.4) New Id's social profiles (FB and rest). Takes effort, get pictures from google images, and so on. Good profile will be 6 months old at least. Buy friends.
Classical error - logging in as Id1 from device/network(by location) assigned to Id2.